gpg: New option --forbid-gen-key.

* g10/gpg.c (oForbidGenKey, opts): New option.
(mopt): New local struct
(gen_key_forbidden): New.
(main): Set and handle the option.
--

In large system installation it is sometimes useful to make it a bit
harder for users to generate their own keys.  An example is a policy
to not use on-disk keys.
This commit is contained in:
Werner Koch 2021-11-22 20:59:22 +01:00
parent b091a250d1
commit c397ba3ac0
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
2 changed files with 46 additions and 9 deletions

View File

@ -3635,6 +3635,12 @@ This option modifies the behaviour of the commands
sub-commands of @option{--edit-key} by forcing the creation of a key
signature, even if one already exists.
@item --forbid-gen-key
@opindex forbid-gen-key
This option is intended for use in the global config file to disallow
the use of generate key commands. Those commands will then fail with
the error code for Not Enabled.
@item --allow-secret-key-import
@opindex allow-secret-key-import
This is an obsolete option and is not used anywhere.

View File

@ -440,6 +440,7 @@ enum cmd_and_opt_values
oNoIncludeKeyBlock,
oChUid,
oForceSignKey,
oForbidGenKey,
oNoop
};
@ -907,6 +908,7 @@ static gpgrt_opt_t opts[] = {
ARGPARSE_s_s (oChUid, "chuid", "@"),
ARGPARSE_s_n (oNoAutostart, "no-autostart", "@"),
ARGPARSE_s_n (oUseKeyboxd, "use-keyboxd", "@"),
ARGPARSE_s_n (oForbidGenKey, "forbid-gen-key", "@"),
/* Options which can be used in special circumstances. They are not
* published and we hope they are never required. */
ARGPARSE_s_n (oUseOnlyOpenPGPCard, "use-only-openpgp-card", "@"),
@ -1025,6 +1027,12 @@ static int maybe_setuid = 1;
static unsigned int opt_set_iobuf_size;
static unsigned int opt_set_iobuf_size_used;
/* Collection of options used only in this module. */
static struct {
unsigned int forbid_gen_key;
} mopt;
static char *build_list( const char *text, char letter,
const char *(*mapf)(int), int (*chkf)(int) );
static void set_cmd( enum cmd_and_opt_values *ret_cmd,
@ -1036,6 +1044,8 @@ static void add_keyserver_url( const char *string, int which );
static void emergency_cleanup (void);
static void read_sessionkey_from_fd (int fd);
/* NPth wrapper function definitions. */
ASSUAN_SYSTEM_NPTH_IMPL;
@ -2292,8 +2302,13 @@ set_compliance_option (enum cmd_and_opt_values option)
}
static void
gen_key_forbidden (void)
{
write_status_failure ("gen-key", gpg_error (GPG_ERR_NOT_ENABLED));
log_error (_("This command is not allowed while in %s mode.\n"),
"forbid-gen-key");
}
/* This function called to initialized a new control object. It is
@ -3703,6 +3718,10 @@ main (int argc, char **argv)
opt.flags.full_timestrings = 1;
break;
case oForbidGenKey:
mopt.forbid_gen_key = 1;
break;
case oNoop: break;
default:
@ -4683,18 +4702,25 @@ main (int argc, char **argv)
}
}
}
quick_generate_keypair (ctrl, username, x_algo, x_usage, x_expire);
if (mopt.forbid_gen_key)
gen_key_forbidden ();
else
quick_generate_keypair (ctrl, username, x_algo, x_usage, x_expire);
xfree (username);
}
break;
case aKeygen: /* generate a key */
if( opt.batch ) {
if (mopt.forbid_gen_key)
gen_key_forbidden ();
else if( opt.batch )
{
if( argc > 1 )
wrong_args("--generate-key [parameterfile]");
generate_keypair (ctrl, 0, argc? *argv : NULL, NULL, 0);
}
else {
}
else
{
if (opt.command_fd != -1 && argc)
{
if( argc > 1 )
@ -4707,11 +4733,13 @@ main (int argc, char **argv)
wrong_args ("--generate-key");
else
generate_keypair (ctrl, 0, NULL, NULL, 0);
}
}
break;
case aFullKeygen: /* Generate a key with all options. */
if (opt.batch)
if (mopt.forbid_gen_key)
gen_key_forbidden ();
else if (opt.batch)
{
if (argc > 1)
wrong_args ("--full-generate-key [parameterfile]");
@ -4759,7 +4787,10 @@ main (int argc, char **argv)
}
}
}
keyedit_quick_addkey (ctrl, x_fpr, x_algo, x_usage, x_expire);
if (mopt.forbid_gen_key)
gen_key_forbidden ();
else
keyedit_quick_addkey (ctrl, x_fpr, x_algo, x_usage, x_expire);
}
break;